Rats! Sorry about that.
On 18 June 2015 at 16:08, Felix Schumacher <[email protected]> wrote: > Hi sebb, > > I think the intended audience of this mail was [email protected]. > > Regards, > Felix > > Am 18. Juni 2015 16:03:12 MESZ, schrieb sebb <[email protected]>: >>Commons Compress has a Security Reports page: >> >>http://commons.apache.org/proper/commons-compress/security.html >> >>which contains details of known security issues. >> >>The page links to the general commons security page >>http://commons.apache.org/security.html >>for details of how to report security issues. >> >>I think it is a good idea to have both pages, but I wonder whether it >>might be less confusing if the pages had slightly different names? >> >>Especially since CP 37 site.xml has a bug which means that the >>Security link under General Information is resolved as being relative >>to the component. [This is a "feature" of Maven site when used with >>parent POMs]. >> >>If a component wants to provide a security report page, I suggest it >>should be called "security-report.html" or similar. >> >>Compress seems to be the only one with such a page so far, so it would >>not involve much work.
